Semiconductor integrated circuit device, program delivery method, and program delivery system

ABSTRACT

When an encrypted program and a decryption program are inputted to a first memory, a semiconductor integrated circuit device causes a bus port to disable access from the outside and enables access to the first memory and to a second memory, thereby transferring the encrypted program and the decryption program from the first memory to the second memory. When the transfer is completed, the semiconductor integrated circuit device disables access to the first memory and gives, to a CPU, an instruction to decrypt the encrypted program by using a secret key held in a secret key holder and the decryption program and execute the decrypted program. After the execution of the decrypted program is completed, the semiconductor integrated circuit device disables access to the second memory.

BACKGROUND OF THE INVENTION

The present invention relates to a semiconductor LSI having the functionof decrypting an encrypted program and executing the decrypted programwhich is mounted on information equipment or the like. Moreparticularly, it relates to a processing system and method forencrypting a program and delivering the encrypted program from a deviceat a program owner to a device at a program user.

With the widespread use of information equipment capable of rewriting aprogram or executing a user program, a system for preventing illegalcopying of software has been devised in recent years. In a method inwhich a program is encrypted and delivered, provision has been made toprevent the copying of a program for decrypting the encrypted program(hereinafter referred to as the “decryption program”. For example, adecryption program is disposed in the internal memory of an LSI fromwhich it cannot be read from the outside and the decrypted program isfurther protected from being read from the outside (see, e.g., JapaneseLaid-Open Patent Publication No. HEI 8-30558).

FIG. 18 is a block diagram showing a conventional semiconductorintegrated circuit device for executing an encrypted program.

The semiconductor integrated circuit device 1 shown in FIG. 18 has: aCPU 3; internal memories 4 and 5 for inputting/outputting data via aninternal bus 7; a bus port 6 for controlling the inputting/outputting ofdata to and from the outside via an external bus 2; an I/O port 9connected to the CPU 3 via an I/O bus 8; a memory port 10 forcontrolling the internal RAM 5; and control registers 11 for controllingthe memory port 10.

A decryption program for decrypting the encrypted program is stored inthe internal ROM 4. The encrypted program is read in the internal RAM 5and decrypted in accordance with the decryption program. The decryptedprogram is written in the internal RAM 5. The decrypted program writtenin the internal RAM 5 is protected from being read from the memory port10 to the outside under the control of the control registers 11.

However, since the decryption program is kept in the LSI as describedabove, an internal nonvolatile memory should be provided in the LSI,which increases cost required for the LSI.

In addition, if a malicious program is encrypted, read in the LSI, andthen executed, the decryption program may be transferred by the programto the outside and hacked. The use of the decryption program that hasbeen hacked makes it possible to hack the encrypted program. Once theencrypted program is hacked, the LSI cannot be used any more since thedecryption program cannot be changed.

A problem has also been encountered that an encryption program and anencryption strength cannot be selected by the encrypted programtransferor.

SUMMARY OF THE INVENTION

It is therefore an object of the present invention to provide alower-cost semiconductor integrated circuit device which allows areduction in the probability that an encrypted program is hacked.

To solve the foregoing problems, a first semiconductor integratedcircuit device according to the present invention comprises: a firstmemory for inputting and outputting data between a bus and itself, asecond memory for inputting and outputting data between the bus anditself; a secret key holder for holdin a secret key; a bus port forcontrolling access from outside to the bus; a CPU for storing anencrypted program and a decryption program in the first memory via thebus port, decrypting the encrypted program by using the decryptionprogram and the secret key, and executing the decrypted program; and acontroller for causing, when the encrypted program and the decryptionprogram are stored in the first memory, the bus port to disable accessfrom the outside, enabling access to the first and second memories, andthereby transferring the encrypted program and the decryption programfrom the first memory to the second memory, disabling access to thefirst memory when the transfer is completed, and disabling access to thesecond memory when the decryption and the execution of the decryptedprogram are completed.

With the first semiconductor integrated circuit device according to thepresent invention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked.

Preferably, the first semiconductor integrated circuit device accordingto the present invention further comprises: a secret key access port forcontrolling access from the CPU to the secret key holder, wherein thesecret key access port enables access to the secret key holder when thetransfer is completed and disables access to the secrete key holder whenthe execution of the decrypted program is completed.

In the first semiconductor integrated circuit device according to thepresent invention, the CPU preferably includes a register and erasesdata stored in the register if the execution of the decrypted program iscompleted.

In the first semiconductor integrated circuit device according to thepresent invention, the controller preferably controls access to thefirst and second memories by controlling chip select signals to thefirst and second memories.

In the first semiconductor integrated circuit device according to thepresent invention, the controller preferably includes a flag storingportion for storing first and second flags, enables access to the firstand second memories when the first flag is set, disables access to thefirst memory when the first flag is reset and the second flag is set,and disables access to the second memory when each of the first andsecond flags is reset, the bus port preferably disables access from theoutside when at least one of the first and second flags is set, and theCPU preferably sets the first and second flags when the encryptedprogram and the decryption program are inputted to the first memory,resets the first flag when the transfer is completed, and resets thesecond flag when the execution of the decrypted program is completed.

To solve the foregoing problems, a second semiconductor integratedcircuit device according to the present invention comprises: a firstmemory for inputting and outputting data between a bus and itself, asecond memory for inputting and outputting data between the bus anditself, a first memory port connected between the bus and the firstmemory to control access from the bus to the first memory; a secondmemory port connected between the bus and the second memory to controlaccess from the bus to the second memory; a secret key holder forholding a secret key; a bus port for controlling access from outside tothe bus; a CPU having a register, the CPU writing an encrypted programand a decryption program in the first memory via the bus port,decrypting the encrypted program by using the decryption program and thesecret key, writing the decrypted program in the second memory, andexecuting the decrypted program; and a controller for causing, when thewriting to the first memory is completed, the bus port to disable accessfrom the outside to the bus, causing the first memory port to disablethe writing to the first memory, and causing the second memory port toenable access to the second memory and causing, when the execution ofthe decrypted program is completed, the CPU to erase data stored in theregister and disable access to the secrete key holder, while causing thesecond memory port to disable access to the second memory.

With the second semiconductor integrated circuit device according to thepresent invention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked.

To solve the foregoing problems, a third semiconductor integratedcircuit device according to the present invention comprises: a firstmemory for inputting and outputting data between a bus and itself; asecond memory for inputting and outputting data between the bus anditself; a memory port connected between the bus and the first memory tocontrol access from the bus to the first memory; a secret key holder forholding a secret key; a bus port for controlling access from outside tothe bus; a CPU having a register, the CPU writing an encrypted programand a decryption program in the first memory via the bus port,decrypting the encrypted program by using the decryption program and thesecret key, writing the decrypted program in the second memory, andexecuting the decrypted program; and a controller including a memoryinitializer for erasing data in the second memory, the controllercausing, when the wiring to the first memory is completed, the bus portto disable access from the outside to the bus and causing the memoryport to disable the writing to the first memory and causing, when theexecution of the decrypted program is completed, the CPU to erase datastored in the register and disable access to the secret key holder andcausing the memory initializer to erase the data in the second memory.

With the third semiconductor integrated circuit device according to thepresent invention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked.

To solve the foregoing problems, a fourth semiconductor integratedcircuit device according to the present invention comprises: a firstmemory for inputting and outputting data between a bus and itself; asecond memory for inputting and outputting data between the bus anditself; a secret key holder for holding a secret key; a decryption keyholder for holding a decryption key; a bus port for controlling accessfrom outside to the bus; a CPU including a register, the CPU performingfirst storage for storing the encrypted decryption key and a decryptionkey decryption program in the first memory via the bus port, performingfirst decryption for decrypting the encrypted decryption key by usingthe decryption key decryption program and the secret key, writing thedecrypted decryption key in the decryption key holder, performing secondstorage for storing an encrypted program and a decryption program in thefirst memory, performing decryption for decrypting the encrypted programby using the decryption program and the decrypted decryption key, andexecuting the decrypted program; and a controller for causing, when thefirst storage to the first memory is completed, the bus port to disableaccess from the outside to the bus and enabling access to the first andsecond memories such that the encrypted decryption key and thedecryption key decryption program are transferred from the first memoryto the second memory, enabling, when the transfer is completed, accessto the secret key holder and disabling access to the first memory;causing, when the first decryption is completed, the CPU to erase datastored in register and disable access to the secret key holder, whiledisabling access to the second memory, enabling access to the firstmemory, and causing the bus port to enable access from the outside tothe bus, causing, when the second storage to the first memory iscompleted, the bus port to disable access from the outside to the busand enabling access to the second memory such that the encrypted programand the decryption program are transferred from the first memory to thesecond memory, enabling, when the transfer is completed, access to thedecryption key holder and disabling access to the first memory, andcausing, when the second decryption and the execution of the decryptedprogram are completed, the CPU to erase data stored in the register anddisable access to the secret key holder and disabling access to thesecond memory.

With the fourth semiconductor integrated circuit device according to thepresent invention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked. Inaddition, the encryption program and the encryption strength can beselected at the encrypted program transferor.

To solve the foregoing problems, a first program delivery methodaccording to the present invention is a program delivery method fordelivering a program between a first device and a second device, themethod comprising the steps of: transferring a public key from thesecond device to the first device; transferring a decryption program tothe second device from the outside thereof, encrypting the program byusing the public key in the first device and transferring the encryptedprogram to the second device; and decrypting the encrypted program byusing a secret key corresponding to the public key and the decryptionprogram in the second device.

In accordance with the first program delivery method of the presentinvention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked.

To solve the foregoing problems, a second program delivery methodaccording to the present invention is a program delivery method fordelivering a program between a first device and a second device, themethod comprising the steps of: transferring a public key from thesecond device to the first device; encrypting a decryption key by usingthe public key in the first device and transferring the encrypteddecryption key to the second device; decrypting the encrypted decryptionkey by using a secret key corresponding to the public key in the seconddevice; encrypting the program by using an encryption key correspondingto the decryption key in the first device and transferring the encryptedprogram to the second device; and decrypting the encrypted program byusing the decrypted decryption key in the second device.

In accordance with the second program delivery method of the presentinvention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked. Inaddition, the encryption program and the encryption strength can beselected at the encrypted program transferor.

To solve the foregoing problems, a first program delivery systemaccording to the present invention is a program delivery system fordelivering a program, the system comprising: a first device and a seconddevice, the first device encrypting the program by using a public keyand transferring the encrypted program to the second device and thesecond device decrypting the program encrypted by the first device byusing a secret key corresponding to the public key and a decryptionprogram transferred from the outside of the second device.

In accordance with the first program delivery system of the presentinvention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked.

To solve the foregoing problems, a second program delivery systemaccording to the present invention is a program delivery system fordelivering a program, the system comprising: a first device and a seconddevice, the first device encrypting a decryption key by using a publickey, transferring the encrypted decryption key to the second device,encrypting the program by using an encryption key corresponding to thedecryption key, and transferring the encrypted program to the seconddevice, the second device decrypting the decryption key encrypted by thefirst device by using a secret key corresponding to the public key anddecrypting the program encrypted by the first device by using thedecrypted decryption key.

In accordance with the second program delivery system of the presentinvention, it is no more necessary to provide the semiconductorintegrated circuit device with an internal nonvolatile memory forkeeping the decryption program so that a cost reduction is achieved.Moreover, the encrypted program can be decrypted and executed, while theprogram and data under decryption are not monitored from the outside.This reduces the probability that the encrypted program is hacked. Inaddition, the encryption program and the encryption strength can beselected at the encrypted program transferor.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram for illustrating a structure of asemiconductor integrated circuit device in a first embodiment of thepresent invention;

FIG. 2 is a flow chart showing the procedure of decrypting an encryptedprogram;

FIG. 3 is a block diagram for illustrating a structure of asemiconductor integrated circuit device in a second embodiment of thepresent invention;

FIG. 4 is a flow chart showing the procedure of decrypting an encryptedprogram;

FIG. 5 is a block diagram for illustrating a structure of asemiconductor integrated circuit device in a third embodiment of thepresent invention;

FIG. 6 is a flow chart showing the procedure of decrypting an encryptedprogram;

FIG. 7 is a block diagram for illustrating a structure of asemiconductor integrated circuit device in a fourth embodiment of thepresent invention;

FIG. 8 is a flow chart showing the procedure of decrypting an encrypteddecryption key;

FIG. 9 is a view showing correlations among the respective states offlags, a bus port, and chip select signals;

FIG. 10 is a flow chart showing the procedure of -decrypting anencrypted program;

FIG. 11 is a view showing the transfer of a public key from a programuser to a program developer;

FIG. 12 is a view showing the encryption of a decryption key;

FIG. 13 is a view showing the transfer of an encrypted decryption keyfrom the program developer to the program user;

FIG. 14 is a view showing the decryption of an encrypted decryption key;

FIG. 15 is a view showing the encryption of a program;

FIG. 16 is a view showing the transfer of an encrypted program from theprogram developer to the program user;

FIG. 17 is a view showing the decryption of an encrypted program; and

FIG. 18 is a block diagram showing a structure of a conventionalsemiconductor integrated circuit device.

DETAILED DESCRIPTION OF THE INVENTION

Referring to the drawings, the individual embodiments of the presentinvention will be described herein below.

Embodiment 1

FIG. 1 is a block diagram for illustrating a structure of asemiconductor integrated circuit device 101 in a first embodiment of thepresent invention.

As shown in FIG. 1, an encrypted program is transferred from a PC 128 a(corresponding to a first device) which is a device at a programdeveloper to a program user via a PC 126. In the semiconductorintegrated circuit device 101 (corresponding to a second device) withininformation equipment 140 at the user, the encrypted program isdecrypted by using a secret key and a decryption program.

The PC 128 a is a device at the program developer and keeps a programD128 a and an encryption program 128 b for encrypting a program.

The information equipment 140 is equipment at the program user and has:the semiconductor integrated circuit device 101; a flash memory 123 afor keeping a decryption program D123 a; a USB upstream port 124; andperipheral equipment 150. An outer bus 102 provides connection among thesemiconductor integrated circuit 101, the flash memory 123 a, and theUSB upstream port 124.

The semiconductor integrated circuit device has: a CPU 103 a; internalRAMs 104 (corresponding to a first memory) and 105 (corresponding to asecond memory); a public key storing register 106; a bus port 110 a; asecurity controller 111 a; and an I/O port 122. The internal bus 109 isconnected in the manner as shown in the drawing.

The CPU 103 a has a general-purpose register controller 119 a andgeneral-purpose registers 120 a.

The security controller 111 a has a flag storing portion 113 a forstoring a program decryption execute flag 112F (corresponding to asecond flag) and a RAM copy flag 113F (corresponding to a first flag), achip select dispatcher 114 a, and a DMA controller 118 a.

A specific description will be given to the respective contents andoperations of the individual elements.

The external bus 102 is used to transfer a public key stored in thepublic key storing register 106 to the personal computer 128 a andtransfer a program encrypted by using the public key and the encryptionprogram D128 b to the semiconductor integrated circuit device 101.

The CPU 103 a operates in accordance with a program stored in theinternal RAMs 104 and 105 or in the flash memory 123 a. The CPU 103 anot only operates a normal program but also decrypts an encryptedprogram and executes the decrypted program. The CPU 103 a also transfersthe encrypted-program inputted from the outside and the decryptionprogram D123 a to the internal RAM 104.

The internal RAM 104 is a memory used during a normal operation, i.e.,when either of the decryption program D123 a and the decrypted programis not executed. A description will be given to the case where a programencrypted by using the public key and the encryption program D128 b isdecrypted and executed. First, the encrypted program and the decryptionprogram D123 a in the flash memory 123 a are transferred by the CPU 103a to the internal RAM 104 in the state in which the external bus 102 andthe internal bus 109 are connected to each other by the bus port 110 a.Then, after the bus port 110 a disconnects the external bus 102 and theinternal bus 109 from each other, the encrypted program and thedecryption program D123 a are transferred by the DMA controller 118 afrom the internal RAM 104 to the internal RAM 105. Thereafter, thesecurity controller 111 a disables access from the internal bus 109 tothe internal RAM 104 until the execution of the decrypted program iscompleted.

The internal RAM 105 is used during the execution of the decryptionprogram D123 a and during the execution of the decrypted program. Adescription will be given to the case where the encrypted program isdecrypted and executed. After the bus port 110 a disconnects theexternal bus 102 and the internal bus 109 from each other, the encryptedprogram and the decryption program D123 a are transferred by the DMAcontroller 118 a from the internal RAM 104 to the internal RAM 105. Inthe state in which the external bus 102 and the internal bus 109 areconnected to each other by the bus port 110 a, the security controller111 a disables access from the internal bus 109 to the internal RAM 105.Accordingly, the decrypted program temporarily stored in the internalRAM 105 and data during the execution of a decryption process are notmonitored from the outside.

The public key storing register 106 is a register storing therein apublic key, which is used only for reading. The public key istransferred to the personal computer 128 a disposed outside thesemiconductor integrated circuit device 101 and used when the programD128 a is encrypted in accordance with the encryption program D128 b.

The secret key storing register 107 is a register storing therein asecret key, which is used only for reading. The secret key is used whenthe encrypted program is decrypted in accordance with the decryptionprogram D123 a.

The secret key access port 108 a enables the CPU 103 a to read thesecrete key from the secret key storing register 107 only while the RAMcopy flag 113F is reset. Specifically, the secret key access port 108 aenables the CPU 103 a to read the secret key from the secret key storingregister 107 only while the program is decrypted, the decrypted programis executed after the decryption program D123 a is initiated, thetransfer of the encrypted program and the decryption program D123 a fromthe internal RAM 104 to the internal RAM 105 is completed, and the RAMcopy flag 113F is reset. At any time other than the above, the secretkey access port 108 a disables the reading of the secret key.

The internal bus 109 is used to transfer a program and data within thesemiconductor integrated circuit device 101.

The bus port 110 a disconnects the internal bus 109 and the external bus102 from each other if at least one of the program decryption executeflag 112F and the RAM copy flag 113F is set. Accordingly, the internalbus 109 and the internal RAM 105 are not monitored from the outsideduring the transfer of the encrypted program and the decryption programD123 a and during the execution of the decryption program D123 a and thedecrypted program. In any case other than the above, the internal bus109 and the external bus 102 are connected to each other.

The security controller 111 a is internally provided with the flagstoring portion 113 a for keeping the program decryption execute flag112F and the RAM copy flag 113F, with the chip select dispatcher 114 a,and with the DMA controller 118. The security controller 111 a controlsthe bus port 110 a, the secret key access port 108 a, chip selectsignals 116S and 117S, and the general-purpose register controller 119 ain decrypting the program encrypted by using the encryption program D128b and the public key stored in the public key storing register 106 andexecuting the decrypted program.

A description will be given to the case where the program encrypted bythe encryption program D128 b is decrypted and executed. First, when theencrypted program and the decryption program D123 a are transferred bythe CPU 103 a to the internal RAM 104 in the state in which the externalbus 102 and the internal bus 109 are connected to each other by the busport 110 a, the bus port 110 a then disconnects the external bus 102 andthe internal bus 109 from each other. Then, the chip select dispatcher114 a asserts the chip select signals 116S and 117S such that theprogram encrypted by the DMA controller 118 a and the decryption programD123 a are transferred from the internal RAM 104 to the internal RAM105. When the transfer is completed, the chip select dispatcher 114 anegates the chip select signal 116S and then shifts to the control ofthe CPU 103 a. When the program is decrypted in the CPU 103 a and theexecution of the decrypted program is completed, a completion notice isgiven to the chip select dispatcher 114 a. Upon receipt of the notice,the chip select dispatcher 114 a generates the chip select signal 117S,causes the general-purpose register controller 119 a to initialize thegeneral-purpose registers 120 a, and outputs the chip select signal 115Sfrom the CPU 103 a as the chip select signal 116S. Thereafter, the busport 110 a connects the internal bus 109 and the external bus 102 toeach other.

The program decryption execute flag 112F is set by the CPU 103 a at theinitiation of the decryption program D123 a and reset by the CPU 103 aat the completion of the execution of the decrypted program. Thedecryption program D123 a is initiated, the transfer of the encryptedprogram and the decryption program D123 a from the internal RAM 104 tothe internal RAM 105 is completed, and the RAM copy flag 113F is reset.While the encrypted program is decrypted and the decrypted program isexecuted thereafter, access to the internal RAM 104 is disabled, whileaccess to the internal RAM 105 and to the secret key storing register107 is enabled. When the program decryption execute flag 112F is reset,access to the internal RAM 105 and to the secret key storing register107 is disabled.

The RAM copy flag 113F is set by the CPU 103 a at the initiation of thedecryption program D123 a and reset at the completion of data transferfrom the internal RAM 104 to the internal RAM 105. Since the internalRAMs 104 and 105 are at the same location on a memory map, therespective chip select signals to the internal RAMs 104 and 105 are notnormally asserted simultaneously. However, each of the chip selectsignals 116S and 117S from the chip select dispatcher 114 a to theinternal RAMs 104 and 105 is asserted by setting the RAM copy flag 113Fwhen the encrypted program or the like is to be transferred from theinternal RAM 104 to the internal RAM 105.

The chip select dispatcher (hereinafter referred to as “CS dispatcher”)114 a asserts each of the chip select signals 116S and 117S when the RAMcopy flag 113F is set, thereby enabling the DMA controller 118 a totransfer the encrypted program and the decryption program D123 a fromthe internal RAM 104 to the internal RAM 105. When the programdecryption execute flag 112F is set and the RAM copy flag 113F is reset,the CS dispatcher 114 a negates the chip select signal 116S andtransfers the chip select signal 115S as the chip select signal 117S.This enables access to the internal RAM 105 during the decryption of theencrypted program and during the execution of the decrypted program. Inany case other than those mentioned above, the CS dispatcher 114 atransfers the chip select signal 115S as the chip select signal 116S andnegates the chip select signal 117S, thereby disabling access to theinternal RAM 105 during a normal operation, i.e., when either of thedecryption program D123 a and the decrypted program is not executed.

The chip select signal 115S is outputted from the CPU 103 a and assertedwhen the internal RAM 104 or the internal RAM 105 is to be accessed.

The chip select signals 116S and 117S are outputted from the CSdispatcher 114 a. The chip select signal 116S is asserted when theinternal RAM 104 is to be accessed. The chip select signal 117S isasserted when the internal RAM 105 is to be accessed.

When the RAM copy flag 113F is set, the DMA controller 118 a transfersthe encrypted program and the decryption program D123 a from theinternal RAM 104 to the internal RAM 105. When the transfer iscompleted, the RAM copy flag 113 is reset.

The general-purpose register controller 119 a resets the general-purposeregisters 120 a when the program decryption execute flag 112F is reset.During the decryption of the encrypted program, therefore, datagenerated in the general-purpose registers 120 a during the execution ofthe decrypted program is not monitored from the outside.

The I/O port 122 is connected to the CPU 103 a via the I/O bus 121. TheI/O port 122 is also connected to an external circuit such as a soundmodule 151 or a video module 152 in the peripheral equipment 150.

The flash memory 123 a keeps the decryption program D123 a.

The decryption program D123 a is transferred to the internal RAM 105 viathe internal RAM 104 within the semiconductor integrated circuit device101 and used in conjunction with the secret key stored in the secret keystoring register 107 when the encrypted program is decrypted.

The USB upstream port 124 is connected to the personal computer 126 viaa USB cable 125 and used to transfer the encrypted program to thesemiconductor integrated circuit device 101.

The USB cable 125 -is used to transfer the encrypted program from thepersonal computer 126 to the USB upstream port 124.

The personal computer 126 receives the encrypted program from thepersonal computer 128 a and transfers the encrypted program to theinformation equipment 140 on which the semiconductor integrated circuitdevice 101 is mounted.

A network line 127 is used to transfer the encrypted program from thepersonal computer 128 to the personal computer 126.

The personal computer 128 receives the public key stored in the publickey storing register 106 from the personal computer 126 via the networkline 127, encrypts the program D128 a by using the encryption programD128 b and the public key, and transfers the encrypted program to thepersonal computer 126 via the network line 127.

The program 128 a is encrypted by using the encryption program D128 band the public key stored in the public key storing register 106 andthen transferred to the semiconductor integrated circuit device 101 viathe network line 127, the personal computer 126, the USB cable 125, theUSB upstream port 124, and the external bus 102. The encrypted program128 a is decrypted in the semiconductor integrated circuit device 101 byusing the decryption program D123 a and the secret key stored in thesecret key storing register 107.

A reference numeral D128 b denotes an encryption program for encryptingthe program D128 a by using the public key stored in the public keystoring register 106.

The information equipment 140 has: the semiconductor integrated circuitdevice 101; the peripheral equipment 150; the flash memory 123 a; andthe USB upstream port 124.

The peripheral equipment 150 has: the sound module 151; and the videomodule 152 and is connected to the I/O port 122 in the semiconductorintegrated circuit device 101.

The sound module 151 is connected to the I/O port 122 of thesemiconductor integrated circuit device 101 to perform reproduction,recording, and the like of a sound through the transmission andreception of transferred data and the reception of a control signal.

The video module 152 is connected to the I/O port 122 of thesemiconductor integrated circuit device 101 to perform reproduction of adynamic picture image through the transmission and reception oftransferred data and the reception of a control signal.

Referring to FIG. 2, the outline of the procedure of decrypting theencrypted program to generate the program D128 a and executing theprogram D128 a will be described.

FIG. 2 is a flow chart showing the procedure of decrypting the encryptedprogram in the first embodiment.

First, in Step ST201, the CPU 103 a transfers the decryption programD123 a and the encrypted program to the internal RAM 104.

When the transfer is completed, the whole process then advances to StepST202 where the CPU 103 a sets the program decryption execute flag 112Fand the RAM copy flag 113F. At this time, the bus port 110 a disconnectsthe internal bus 109 and the external bus 102 from each other.

After the disconnection, the whole process then advances to Step ST203where the DMA controller 118 a transfers the decryption program D123 aand the encrypted program in the internal RAM 104 to the internal RAM105.

When the transfer is completed, the whole process then advances to StepST204 where the CPU 103 a resets the RAM copy flag 113F. From theresetting of the RAM copy flag 113F on till the completion of StepST206, which will be described later, the CS dispatcher 114 a does notassert the chip select signal 116S.

The whole process then advances to Step ST205 where the CPU 103 aexecutes the decryption program D123 a, decrypts the encrypted programby using the secret key stored in the secret key storing register 107 togenerate the program D128 a, and writes the generated program D128 a inthe internal RAM 105.

The whole process then advances to Step ST206 where the CPU 103 aexecutes the program D128 a.

Finally, the whole process advances to Step ST207 where the CPU 103 aresets the program decryption execute flag 112F. When the programdecryption execute flag 112F is reset, the general-purpose registercontroller 119 a resets the general-purpose registers 120 a. When theprogram decryption execute flag 112 a is reset, the bus port 110 aconnects the internal bus 109 and the external bus 102 to each other,while the CS dispatcher 114 a outputs the chip select signal 116S as thechip select signal 115S and negates the chip select signal 117S.

Since the chip select signal 116S is not asserted while the decryptionprogram D123 a is executed and the program D128 a is generated, the dataand program D128 a under decryption are not stored in the internal RAM104. Since the chip select signal 117S is negated while the external bus102 and the internal bus 109 are connected to each other by the bus port110 a, the data and program D128 a under decryption is prevented frombeing monitored from the outside.

Thus, according to the first embodiment, it is no more necessary toprovide the semiconductor integrated circuit device with an internalnonvolatile memory for keeping the decryption program so that a costreduction is achieved. Moreover, the encrypted program can be decryptedand executed, while the program and data under decryption are notmonitored from the outside. This reduces the probability that theencrypted program is hacked.

Embodiment 2

FIG. 3 is a block diagram showing a structure of a semiconductorintegrated circuit device 301 according to a second embodiment of thepresent invention. A semiconductor integrated circuit 301 shown in FIG.3 is different from the semiconductor integrated circuit device 101shown in FIG. 1 in that it further comprises a memory port 302(corresponding to a first memory port) and a memory port 303(corresponding to a second memory port). The semiconductor integratedcircuit device 301 is also different from the semiconductor integratedcircuit device 101 in that a security controller 111 b has only a flagstoring portion 113 b for storing the program decryption execute flag112F. As for the other components, they operate similarly to thecomponents shown in FIG. 1 so that the description thereof will not berepeated.

The memory port 302 halts writing to the internal RAM 104 under thecontrol of the security controller when the program decryption executeflag 112F is set. In other words, data cannot be written in the internalRAM 104 during the decryption of the program and during the execution ofthe decrypted program.

The memory port 303 halts access to the internal RAM 105 under thecontrol of the security controller 111 b when the program decryptionexecute flag 112F is reset. In other words, the internal RAM 105 cannotbe accessed during the internal bus 109 and the external bus 102 areconnected to each other by a bus port 110 b. Accordingly, the decryptedprogram and data during the execution of a decryption process, which arewritten in the internal RAM 105, are not monitored from the outside.

A description will be given next to the procedure of decrypting theencrypted program to generate the program D128 a and executing theprogram D128 a.

FIG. 4 is a flow chart showing the procedure of decrypting the encryptedprogram in the second embodiment.

First, in Step ST201, a CPU 103 b transfers the decryption program D123a and the encrypted program to the internal RAM 104.

When the transfer is completed, the whole process then advances to ST402where the CPU 103 b sets the program decryption execute flag 112F. Atthis time, the bus port 110 b disconnects the internal bus 109 and theexternal bus 102 from each other. The memory port 302 halts writing tothe internal RAM 104, while the memory port 303 enables access to theinternal RAM 105.

Then, the whole process advances to Step ST205 where the CPU 103 bexecutes the decryption program D123 a, thereby decrypts the encryptedprogram by using the secret key stored in the secrete key storingregister 107 to generate the program D128 a, and writes the generatedprogram D128 a in the internal RAM 105.

Then, the whole process advances to Step ST206 where the CPU 103 bexecutes the program D128 a.

Finally, when the execution of the program D128 a is completed, thewhole process advances to Step ST207 where the program decryptionexecute flag 112F is reset. When the program decryption execute flag112F is reset, the general-purpose register controller 119 b resets thegeneral-purpose registers 120 b under the control of the securitycontroller 111 b. When the program decryption execute flag 112F isreset, the bus port 110 b connects the internal bus 109 and the externalbus 102 to each other, while the memory port 302 enables writing to theinternal RAM 104 and the memory port 303 halts access to the internalRAM 105.

In the semiconductor integrated circuit device 301, the memory port 302executes the decryption program D123 a and halts writing to the internalRAM 104 while the program D128 a is generated so that the data andprogram D128 a under decryption are not stored in the internal RAM 104.In addition, the memory port 303 halts access to the internal RAM 105while the external bus 102 and the internal bus 109 are connected toeach other by the bus port 110 b so that the data and program D128 aunder decryption are not outputted to the outside.

Thus, according to the second embodiment, it is no more necessary toprovide the semiconductor integrated circuit device with an internalnonvolatile memory for keeping the decryption program so that a costreduction is achieved. Moreover, the encrypted program can be decryptedand executed, while the program and data under decryption are notmonitored from the outside. This reduces the probability that theencrypted program is hacked.

Embodiment 3

FIG. 5 is a block diagram showing a structure of a semiconductorintegrated circuit device 501 according to a third embodiment of thepresent invention.

A semiconductor integrated circuit device 501 shown in FIG. 5 isdifferent from the semiconductor integrated circuit device 101 shown inFIG. 1 in that it further comprises a memory port 402. The semiconductorintegrated circuit device 501 is also different from the semiconductorintegrated circuit device 101 shown in FIG. 1 in that a securitycontroller 111 c has a flag storing portion 113 c for storing theprogram decryption execute flag 112F and a RAM initializer 502(corresponding to a memory initializer). As for the other components,they operate similarly to the components shown in FIG. 1 so that thedescription thereof will not be repeated.

Immediately before the program decryption execute flag 112F is reset,the RAM initializer 502 writes “1” in each of the regions of theinternal RAM 105 to erase data, thereby preventing the decrypted programand the data under decryption, which are written in the internal RAM105, from being monitored from the outside.

A description will be given next to the procedure of decrypting theencrypted program to generate the program D128 a and executing theprogram D128 a.

FIG. 6 is a flow chart showing the procedure of decrypting the encryptedprogram in the third embodiment.

First, in Step ST201, a CPU 103 c transfers the decryption program D123a and the encrypted program to the internal RAM 104.

When the transfer is completed, the whole process then advances to ST402where the CPU 103 c sets the program decryption execute flag 112F. Atthis time, a bus port 110c disconnects the internal bus 109 and theexternal bus 102 from each other, while the memory port 402 haltswriting to the internal RAM 104 under the control of the securitycontroller 111 c.

Then, the whole process advances to Step ST205 where the CPU 103 cexecutes the decryption program D123 a, thereby decrypts the encryptedprogram by using the secret key stored in the secrete key storingregister 107 to generate the program D128 a, and writes the generatedprogram D128 a in the internal RAM 105.

When the generated program D128 a is written in the internal RAM 105,the whole process then advances to Step ST206 where the CPU 103 cexecutes the program D128 a.

The whole process then advances to Step ST607 where the RAM initializer502 writes “1” in each of the regions of the internal RAM 105 to erasedata.

Finally, when the data in the internal RAM 105 is erased, the wholeprocess advances to Step ST207 where the program decryption execute flag112F is reset. When the program decryption execute flag 112F is reset,the general-purpose register controller 119 c resets the general-purposeregisters 120c under the control of the security controller 111 b. Whenthe program decryption execute flag 112F is reset, the bus port 110 cconnects the internal bus 109 and the external bus 102 to each other,while the memory port 402 enables writing to the internal RAM 104 underthe control of the security controller 111 c.

In the semiconductor integrated circuit device 501, the memory port 402executes the decryption program D123 a and halts writing to the internalRAM 104 while the program D128 a is generated so that the data andprogram D128 a under decryption are not stored in the internal RAM 104.In addition, the RAM initializer 502 has completely erased data in theinternal RAM 105 immediately before the bus port 110 c brings theexternal bus 102 and the internal bus 109 in the disconnected state intothe connected state so that the data and program D128 a under decryptionare not outputted to the outside.

Thus, according to the third embodiment, it is no more necessary toprovide the semiconductor integrated circuit device with an internalnonvolatile memory for keeping the decryption program so that a costreduction is achieved. Moreover, the encrypted program can be decryptedand executed, while the program and data under decryption are notmonitored from the outside. This reduces the probability that theencrypted program is hacked.

Embodiment 4

FIG. 7 is a block diagram showing a structure of a semiconductorintegrated circuit device 701 according to a fourth embodiment of thepresent invention.

A semiconductor integrated circuit device 701 shown in FIG. 7 isdifferent from the semiconductor integrated circuit device 101 shown inFIG. 1 in that it further comprises a decryption key access port 703 anda decryption key storing register 702. A PC 128 dis different from thePC 128 a shown in FIG. 1 in that it keeps a decryption key encryptionprogram D728 c, an encryption key D728 d, and a decryption key D728 e inaddition to the program D728 a and the encryption program D728 b. A flagstoring portion 113 d is different from the flag storing portion 113 ashown in FIG. 1 in that it keeps a decryption key decryption flag 704Fin addition to the program decryption execute flag 112F and the RAM copyflag 113F. A flash memory 123 d is different from the flash memory 123 ain that it keeps a decryption key decryption program D723 b in additionto the decryption program 723 a. As for the other components, theyoperate similarly to the components shown in FIG. 1 so that adescription will be given with particular emphasis on different portionsbetween FIGS. 7 and 1.

A CPU 103 d operates in accordance with a program stored in the internalRAM 104 or 105 or in the flash memory 123d. Besides operating a normalprogram, the CPU 103 d executes the decryption of the encrypteddecryption key and the decryption of the encrypted program as well asthe decrypted program. The CPU 103 d also transfers the encrypteddecryption key inputted from the outside, the encrypted program, thedecryption key encryption program D723 b, and the decryption programD723 a to the internal RAM 104.

The internal RAM 104 is a memory used during a normal operation, i.e.,when none of the decryption program D723 a, the decryption keydecryption program D723 b, and the decrypted program is executed. Adescription will be given to the case where the encrypted decryption keyis decrypted and stored in the decryption key storing register 702.First, in the state in which the external bus 102 and the internal bus109 are connected to each other by the bus port 110 d, the CPU 103 dtransfers the encrypted decryption key and the decryption key decryptionprogram D723 b in the flash memory 123 d to the internal RAM 104 via theexternal bus 102 and the internal bus 109. Then, after the bus port Hoddisconnects the external bus 102 and the internal bus 109 from eachother, a DMA controller 118 dtransfers the encrypted decryption key andthe decryption key decryption program D723 b from the internal RAM 104to the internal RAM 105. Thereafter, a security controller 111 ddisables access from the internal bus 109 to the internal RAM 104 untilthe decryption key decryption program D723 b is completed.

Subsequently, a description will be given to the case where theencrypted program is decrypted and executed. First, the CPU 103 dtransfers the encrypted program and the decryption program D723 a to theinternal RAM 104 in the state in which the external bus 102 and theinternal bus 109 are connected to each other by the bus port 110 d.After the bus port 110 d then disconnects the external bus 102 and theinternal bus 109 from each other, the DMA controller 118 d transfers theencrypted program and the decryption program D723 a from the internalRAM 104 to the internal RAM 105. Thereafter, the security controller 111d disables access from the internal bus 109 to the internal RAM 104until the execution of the decrypted program is completed.

The internal RAM 105 is used during the execution of the decryption keydecryption program D723 b, the decryption program D723 a, and thedecrypted program D728 b. A description will be given to the case wherethe encrypted decryption key is decrypted and stored in the decryptionkey storing register 702. After the bus port 110 d disconnects theexternal bus 102 and the internal bus 109 from each other, the DMAcontroller 118 dtransfers the encrypted decryption key and thedecryption key decryption program D723 b from the internal RAM 104 tothe internal RAM 105. During the decryption of the encrypted decryptionkey, the CPU 103 d decrypts the encrypted decryption key by using theinternal RAM 105. A description will be given to the case where theencrypted program is decrypted and executed. After the bus port 110ddisconnects the external bus 102 and the internal bus 109 from eachother, the encrypted program and the decryption program D723 a aretransferred from the internal RAM 104 to the internal RAM 105. Duringthe decryption of the encrypted program and during the execution of thedecrypted program, the CPU 103 d decrypts the encrypted program andexecutes the decrypted program by using the internal RAM 105. While theexternal bus 102 and the internal bus 109 are connected to each other bythe bus port 110 d, access from the internal-bus 109 to the internal RAM105 is disabled. Accordingly, the decrypted decryption key D728 e, thedecrypted program D728 a, and data during the execution of thesedecryption processes, each temporarily stored in the internal RAM 105,are not monitored from the outside.

The public key storing register 106 is a register storing a public key,which is used only for reading. The public key is transferred to thepersonal computer 128 e disposed outside the semiconductor integratedcircuit device 701 and used in conjunction with the decryption keyencryption program D728 c to encrypt the decryption key D728 e. Theencrypted decryption key is decrypted by using the decryption keydecryption program D723 b and the secret key stored in the secret keystoring register 107.

The secret key storing register 107 is a register storing a secret key,which is used only for reading. The secret key is used when theencrypted decryption key is decrypted by using the secret key.

The decryption key storing register 702 is a register for storing thedecryption key D728 e such that it is written therein and readtherefrom. The decryption key D728 e is used in conjunction with thedecryption key decryption program D723 b to decrypt the encryptedprogram.

The secret key access port 108 d enables the CPU 103 d to read thesecret key from the secret key storing register 107 only while thedecryption key decryption flag 704F is set and the RAM copy flag 113F isreset. Specifically, the CPU 103 d enables the reading of the secret keyfrom the secret key storing register 107 only while the decryption keydecryption program D723 b is initiated, the transfer of the encrypteddecryption key and the decryption key decryption program D723 b from theinternal RAM 104 to the internal RAM 105 is completed, the RAM copy flag113F is reset, and the encrypted decryption key is decrypted thereafter.At any time other than the above, the reading of the secret key isdisabled.

The decryption key access port 703 enables the writing of the decryptionkey D728 e while the decryption key decryption flag 704F is set and theRAM copy flag 113 is reset. The decryption key access port 703 enablesthe reading of the decryption key D728 e while the program decryptionexecute flag 112F is set and the RAM copy flag 113F is reset. At anytime other than the above, the writing and reading of the decryption keyD728 e are both disabled. Specifically, the writing of the decryptionkey D728 e is enabled while the decryption key decryption program D723 bis initiated, the transfer of the encrypted decryption key and thedecryption key decryption program D723 b from the internal RAM 104 tothe internal RAM 105 is completed, the RAM copy flag 113F is reset, andthe encrypted decryption key is decrypted thereafter. On the other hand,the reading of the decryption key D728 e is enabled while the decryptionprogram D723 a is initiated, the transfer of the encrypted program andthe decryption program D723 a from the internal RAM 104 to the internalRAM 105 is completed, the RAM copy flag 113F is reset, and the encryptedprogram is decrypted thereafter.

The bus port 110 d disconnects the internal bus 109 and the external bus102 from each other when at least one of the decryption key decryptionflag 704F, the program decryption execute flag 112F, and the RAM copyflag 113F is set. During the execution of the decryption key decryptionprogram D723 b, the decryption program D723 a, and the decrypted programD728 a, therefore, the internal bus 109 and the internal bus RAM 105 arenot monitored from the outside. In any case other than the above, theinternal bus 109 and the external bus 102 are connected to each other.

The security controller 111 d is internally provided with a flag storingportion for keeping the decryption key decryption flag 704F, with theprogram decryption execute flag 112F, and with the RAM copy flag 113F, aCS dispatcher 114 d, and the DMA controller 118 d.

The decryption key decryption flag 704F is set by the CPU 103 when thedecryption key decryption program D723 b is initiated and reset by theCPU 103 when the decryption of the decryption key is completed. Thedecryption key decryption program D723 b is initiated, the transfer ofthe encrypted decryption key and the decryption key decryption programD723 b from the internal RAM 104 to the internal RAM 105 is completed,and the RAM copy flag 113F is reset. Thereafter, access to the internalRAM 104 is disabled during the decryption of the encrypted decryptionkey, while access to the internal RAM 105, to the secret key storingregister 107, and to the decryption key storing register 702 is enabled.When the decryption key decryption flag 704F is reset, access to theinternal RAM 105, to the secret key storing register 107, and to thedecryption key storing register 702 is disabled.

The program decryption execute flag 112F is set by the CPU 103 d at theinitiation of the decryption program D723 a and reset by the CPU 103 dat the completion of the execution of the decrypted program. Thedecryption program D723 a is initiated, the transfer of the encryptedprogram and the decryption program D723 a from the internal RAM 104 tothe internal RAM 105 is completed, and the RAM copy flag 113F is reset.While the encrypted program is decrypted and the decrypted program isexecuted thereafter, access to the internal RAM 104 is disabled andaccess to the internal RAM 105 and to the decryption key storingregister 702 is enabled. When the program decryption execute flag 112Fis reset, access to the internal RAM 105, to the secret key storingregister 107, and to the decryption key storing register 702 isdisabled.

The RAM copy flag 113F is set by the CPU 103 d at the initiation of thedecryption key decryption program D723 b or the decryption program D723a and reset by the CPU 103 d at the completion of data transfer from theinternal RAM 104 to the internal RAM 105:

The CS dispatcher 114d asserts each of the chip select signals 116S and117S when the RAM copy flag 113F is set, thereby enabling the DMAcontroller 118 d to transfer the encrypted decryption key, thedecryption key decryption program D723 b, the encrypted program, and thedecryption program D723 a from the internal RAM 104 to the internal RAM105. When the decryption key decryption flag 704F or the programdecryption execute flag 112F is set and the RAM copy flag 113F is reset,the CS dispatcher 114d negates the chip select signal 116S and transfersthe chip select signal 115S as the chip select signal 117S. This enablesaccess to the internal RAM 105 during the decryption of the encrypteddecryption key, during the decryption of the encrypted program, andduring the execution of the decrypted program. In any case other thanthose mentioned above, the CS dispatcher 114d transfers the chip selectsignal 115S as the chip select signal 116S and negates the chip selectsignal 117S, thereby disabling access to the internal RAM 105 during anormal operation, i.e., when none of the decryption key decryptionprogram D723 b, the decryption program D723 a, and the decrypted programD728 a is executed.

When the RAM copy flag 113F is set, the DMA controller 118 d transfersthe encrypted decryption key, the decryption key decryption program D723b, the encrypted program, and the decryption program D723 a from theinternal RAM 104 to the internal RAM 105. When the transfer iscompleted, the DMA controller 118 d resets the RAM copy flag 113F.

The general-purpose register controller 119d resets the general-purposeregisters 120 d when the decryption key decryption flag 704F or theprogram decryption execute flag 112F is reset. During the decryption ofthe encrypted program, therefore, data generated in the general-purposeregisters 120 d during the execution of the decrypted program is notmonitored from the outside.

The decryption key decryption program D723 b is kept in the flash memory123 d. When the decryption key encrypted by using the decryption keyencryption program D728 c and the secret key is decrypted, thedecryption key decryption program D723 b is transferred to the internalRAM 105 via the internal RAM 104 in the semiconductor integrated circuitdevice 701 to decrypt the encrypted decryption key in conjunction withthe secret key stored in the secret key storing register 107.

The decryption program D723 a is kept in the flash memory 123 d. Whenthe program encrypted by using the encryption program D728 b and theencryption key D728 d is decrypted, the decryption program D723 a istransferred to the internal RAM 105 via the internal RAM 104 in thesemiconductor integrated circuit device 701 to decrypt the encryptedprogram in conjunction with the decryption key stored in the decryptionkey storing register 702.

The program D728 a is encrypted by using the encryption program D728 band the encryption key D728 d and transferred to the semiconductorintegrated circuit device 701 via the network 127, the personal computer126, the USB cable 125, the USB upstream port 124, and the external bus102. In the semiconductor integrated circuit device 701, the programD728 a is decrypted by using the decryption program D723 a and thedecryption key D728 e stored in the decryption key storing register 107.

The encryption program D728 b is for encrypting the program D728 a byusing the encryption key D728 d.

The decryption key encryption program D728 c is for encrypting thedecryption key D728 e in conjunction with the public key stored in thepublic key storing register 106.

The encryption key D728 d is for encrypting the program D728 a inconjunction with the encryption program D728 b.

The decryption key D728 e is for decrypting the encrypted program byusing the encryption key D728 d in conjunction with the decryptionprogram D723 a.

Information equipment 740 has the semiconductor integrated circuitdevice 701, the peripheral equipment 150, the flash memory 123 d, andthe USB upstream port 124.

A description will be given next to the procedure of decrypting theencrypted decryption key and storing the decryption key D728 e in thedecryption key storing register 702.

FIG. 8 is a flow chart showing the procedure of decrypting the encrypteddecryption key in the fourth embodiment.

First, in Step ST801, the CPU 103 d transfers the decryption keydecryption program D723 b and the encrypted decryption key to theinternal RAM 104.

When the transfer is completed, the whole process then advances to StepST802 where the CPU 103 d sets the decryption key decryption flag 704Fand the RAM copy flag 113F. At this time, the bus port 110 d disconnectsthe internal bus 109 and the external bus 102 from each other.

After the disconnection, the whole process then advances to Step ST803where the DMA controller 118 d transfers the decryption key decryptionprogram D723 b and the encrypted decryption key in the internal RAM 104to the internal RAM 105.

When the transfer is completed, the whole process then advances to StepST804 where the CPU 103 d resets the RAM copy flag 113F. From theresetting of the RAM copy flag 113F on till the completion of StepST805, which will be described later, the CS dispatcher 114 d does notassert the chip select signal 116S.

Next, the whole process advances to Step ST805 where the CPU 103 dexecutes the decryption key decryption program D723 b by using thesecret key stored in the secret key storing register 107 to decrypt theencrypted decryption key, thereby generates the decryption key D728 e,and stores it in the decryption key storing register 702.

Finally, the whole process advances to Step ST806 where the decryptionkey decryption flag 704F is reset. When the decryption key decryptionflag 704F is reset, the general-purpose register controller 119d resetsthe general-purpose registers 120 d. When the decryption key decryptionflag 704F is reset, the bus port 110 d connects the internal bus 109 andthe external bus 102 to each other. The CS dispatcher 114 d transfersthe chip select signal 115S as the chip select signal 116S and negatesthe chip select signal 117S.

FIG. 9 shows the respective states of the decryption key decryption flag704F, the program decryption execute flag 112F, the bus port 110 dcorresponding to the state of the RAM copy flag 113F, the secret keyaccess port 108 d, the decryption key access port 703, and the chipselect signals 116S and 117S.

In FIG. 9, “Open” represents the case where the bus port 110 d, thesecret key access port 108 d, and the decryption key access port 703enable data transfer and “Close” represents the case where data transferis not enabled, while CS 115 represents the case where the chip selectsignal 115S is transferred as the chip select signals 116S and 117S.

As shown in FIG. 9, when the external bus 102 and the internal bus 109are connected to each other by the bus port 110 d, the secret keystoring register 107 and the decryption key decryption register 702cannot be accessed. On the other hand, the chip select signal 116S isnot asserted when the decryption key decryption program D723 b isexecuted and the decryption key D728 e is generated. Accordingly, dataunder decryption, the secret key, and the decryption key D728 e are notstored in the internal RAM 104. Since the chip select signal 117S isnegated when the external bus 102 and the internal bus 109 are connectedto each other by the bus port 110 d, data under decryption, the secretkey, and the decryption key D728 e are not outputted to the outside.

A description will be given next to the procedure of decrypting theencrypted program to generate the program D728 a and executing theprogram D728 a with reference to FIG. 10.

FIG. 10 is a flow chart showing the procedure of decrypting theencrypted program in the fourth embodiment.

First, in Step ST1001, the CPU 103 d transfers the decryption programD723 a and the encrypted program to the internal RAM 104.

When the transfer is completed, the whole process advances to StepST1002 where the CPU 103 d sets the program decryption execute flag 112Fand the RAM copy flag 113F. At this time, the bus port 110 d disconnectsthe internal bus 109 and the external bus 102 from each other.

After the disconnection, the whole process advances to Step ST1003 wherethe DMA controller 118 d transfers the decryption program D723 a and theencrypted program in the internal RAM 104 to the internal RAM 105.

When the transfer is completed, the whole process advances to StepST1004 where the CPU 103 d resets the RAM copy flag 113F. From theresetting of the RAM copy flag 113F on till the completion of StepST1006, which will be described later, the CS dispatcher 114 d does notassert the chip select signal 116S.

Then, the whole process advances to Step ST1005 where the CPU 103 dexecutes the decryption program D723 a by using the decryption key D728e, thereby decrypts the encrypted program, and generates the programD728 a. The generated program D728 a is written in the internal RAM 105.

Then, the whole process advances to Step ST1006 where the CPU 103 dexecutes the program D728 a.

Finally, the whole process advances to Step ST1007 where the CPU 103 dresets the program decryption execute flag 112F. When the programdecryption execute flag 112F is reset, the general-purpose registercontroller 119d resets the general-purpose registers 120 d. When theprogram decryption execute flag 112F is reset, the bus port 110 dconnects the internal bus 109 and the external bus 102 to each other.The CS dispatcher 114 d transfers the chip select signal 115S as thechip select signal 116S and negates the chip select signal 117S.

As shown in FIG. 9, the chip select signal 116S is not asserted when thedecryption program D723 a is executed and the program D728 a isgenerated. Accordingly, data under decryption, the decryption key D728e, and the program D728 a are not stored in the internal RAM 104. Sincethe chip select signal 117S is negated when the external bus 102 and theinternal bus 109 are connected to each other by the bus port 110 d, dataunder decryption, the decryption key D728 e, and the program D728 a arenot outputted to the outside.

Thus, it is no more necessary to provide the semiconductor integratedcircuit device with an internal nonvolatile memory for keeping thedecryption program so that a cost reduction is achieved. Moreover, theencrypted program can be decrypted and executed, while the program anddata under decryption are not monitored from the outside. This reducesthe probability that the encrypted program is hacked.

In addition, the encryption program and the encryption strength can beselected at the encrypted program transferor.

Program Delivery Method and System

FIGS. 11 to 17 are views for illustrating a program delivery system anda program delivery method, which will be described herein below by usingthe present fourth embodiment as an example.

FIGS. 11 to 17 show data transmission and reception between thesemiconductor integrated circuit device 701 (corresponding to a seconddevice) within information equipment used by the program user and the PC128 d (corresponding to a first device) used by the program developerfrom the encryption of a program till the decryption of the encryptedprogram.

First, as shown in FIG. 11, the semiconductor integrated circuit device701 at the user transfers a public key D106 stored in the public keystoring register 106 to the PC 128 d at the developer.

Next, as shown in FIG. 12, the PC 128 d at the developer encrypts thedecryption key D728 e by using the public key D106 and the decryptionkey encryption program D728 c to generate an encrypted decryption key1201.

Next, as shown in FIG. 13, the PC 128 d at the developer transfers theencrypted decryption key 1201 to the semiconductor integrated circuitdevice 701 at the user.

Next, as shown in FIG. 14, the semiconductor integrated circuit device701 at the user decrypts the encrypted decryption key 1201 by using thesecret key D107 stored in the secret key storing register 107 and thedecryption key decryption program D723 b and stores the decryption keyD728 e in the decryption key storing register 702.

Then, as shown in FIG. 15, the PC 128 d at the developer encrypts theprogram D728 a by using the encryption key D728 d and the encryptionprogram D728 b to generate an encrypted program 1501.

Next, as shown in FIG. 16, the PC 128 d at the developer transfers theencrypted program 1501 to the semiconductor integrated circuit device701 at the user.

Finally, as shown in FIG. 17, the semiconductor integrated circuitdevice 701 at the user decrypts the encrypted program 1501 by using thedecryption key D728 e and the decryption program D723 a and executes thedecrypted program D728 a.

Thus, the program is encrypted by using the encryption key possessed bythe program developer and the encrypted program is delivered to theuser. Since the encrypted program can be decrypted by using thedecryption key possessed by the program developer, it becomes possibleto encrypt the program with an encryption strength desired by theprogram developer and deliver the encrypted program.

Although each of the first to fourth embodiments has described the casewhere the control of the internal RAMs 104 and 105 is effected by usingthe chip select signals in the semiconductor integrated circuit, it willeasily be appreciated that the present invention is also similarlypracticable in each of the embodiments even if a write enable signal anda read enable signal are used.

1-8. (canceled)
 9. A program delivery method for delivering a programbetween a first device and a second device, the method comprising thesteps of: transferring a public key from the second device to the firstdevice; transferring a decryption program to the second device from theoutside thereof; encrypting the program by using the public key in thefirst device and transferring the encrypted program to the seconddevice; and decrypting the encrypted program by using a secret keycorresponding to the public key and the decryption program in the seconddevice.
 10. A program delivery method for delivering a program between afirst device and a second device, the method comprising the steps of:transferring a public key from the second device to the first device;encrypting a decryption key by using the public key in the first deviceand transferring the encrypted decryption key to the second device;decrypting the encrypted decryption key by using a secret keycorresponding to the public key in the second device; encrypting theprogram by using an encryption key corresponding to the decryption keyin the first device and transferring the encrypted program to the seconddevice; and decrypting the encrypted program by using the decrypteddecryption key in the second device.
 11. A program delivery system fordelivering a program, the system comprising: a first device and a seconddevice, the first device encrypting the program by using a public keyand transferring the encrypted program to the second device and thesecond device decrypting the program encrypted by the first device byusing a secret key corresponding to the public key and a decryptionprogram transferred from the outside of the second device.
 12. A programdelivery system for delivering a program, the system comprising: a firstdevice and a second device, the first device encrypting a decryption keyby using a public key, transferring the encrypted decryption key to thesecond device, encrypting the program by using an encryption keycorresponding to the decryption key, and transferring the encryptedprogram to the second device. the second device decrypting thedecryption key encrypted by the first device by using a secret keycorresponding to the public key and decrypting the program encrypted bythe first device by using the decrypted decryption key.